Create and configure Virtual eXtensible Local Area Network interfaces.
Operating system version.
$ lsb_release -a
No LSB modules are available. Distributor ID: Debian Description: Debian GNU/Linux 11 (bullseye) Release: 11 Codename: bullseye
Kernel version.
$ uname -a
Linux vxlan-1 5.10.0-16-amd64 #1 SMP Debian 5.10.127-1 (2022-06-30) x86_64 GNU/Linux
IP addresses configured on virtual servers used in this example.
vxlan-1:~$ ip --brief address
lo UNKNOWN 127.0.0.1/8 ::1/128 ens18 UP 172.16.151.111/21 fe80::c41f:38ff:fe73:c92d/64
vxlan-2:~$ ip --brief address
lo UNKNOWN 127.0.0.1/8 ::1/128 ens18 UP 172.16.151.116/21 fe80::34f4:1eff:fe91:808f/64
vxlan-3:~$ ip --brief address
lo UNKNOWN 127.0.0.1/8 ::1/128 ens18 UP 172.16.151.115/21 fe80::f885:67ff:feaa:8513/64
VXLAN over multicast
Add a vxlan link named vxlan124 on every server using VXLAN Network Identifier 124, ens18 physical device, 4789 UDP destination port, and 239.0.0.124 multicast IP address to join.
$ sudo ip link add vxlan124 type vxlan id 124 dev ens18 dstport 4789 group 239.0.0.124
Assign IP address for created link.
vxlan-1:~$ sudo ip address add 192.168.124.101/24 dev vxlan124
vxlan-2:~$ sudo ip address add 192.168.124.102/24 dev vxlan124
vxlan-3:~$ sudo ip address add 192.168.124.103/24 dev vxlan124
Inspect device status.
vxlan-1:~$ ip --brief link show dev vxlan124
vxlan124 DOWN e6:2b:a3:4a:35:dd <BROADCAST,MULTICAST>
vxlan-2:~$ ip --brief link show dev vxlan124
vxlan124 DOWN 72:ae:11:87:58:ed <BROADCAST,MULTICAST>
vxlan-3:~$ ip --brief link show dev vxlan124
vxlan124 DOWN 22:15:fe:dc:9b:aa <BROADCAST,MULTICAST>
Bring interface up on every machine.
$ sudo ip link set vxlan124 up
Send ICMP echo requests to check communication.
vxlan-1:~$ ping -c 1 192.168.124.101
PING 192.168.124.101 (192.168.124.101) 56(84) bytes of data. 64 bytes from 192.168.124.101: icmp_seq=1 ttl=64 time=0.020 ms --- 192.168.124.101 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.020/0.020/0.020/0.000 ms
vxlan-1:~$ ping -c 1 192.168.124.102
PING 192.168.124.102 (192.168.124.102) 56(84) bytes of data. 64 bytes from 192.168.124.102: icmp_seq=1 ttl=64 time=0.189 ms --- 192.168.124.102 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.189/0.189/0.189/0.000 ms
vxlan-1:~$ ping -c 1 192.168.124.103
PING 192.168.124.103 (192.168.124.103) 56(84) bytes of data. 64 bytes from 192.168.124.103: icmp_seq=1 ttl=64 time=0.202 ms --- 192.168.124.103 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.202/0.202/0.202/0.000 ms
vxlan-2:~$ ping -c 1 192.168.124.101
PING 192.168.124.101 (192.168.124.101) 56(84) bytes of data. 64 bytes from 192.168.124.101: icmp_seq=1 ttl=64 time=0.157 ms --- 192.168.124.101 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.157/0.157/0.157/0.000 ms
vxlan-2:~$ ping -c 1 192.168.124.102
PING 192.168.124.102 (192.168.124.102) 56(84) bytes of data. 64 bytes from 192.168.124.102: icmp_seq=1 ttl=64 time=0.015 ms --- 192.168.124.102 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.015/0.015/0.015/0.000 ms
vxlan-2:~$ ping -c 1 192.168.124.103
PING 192.168.124.103 (192.168.124.103) 56(84) bytes of data. 64 bytes from 192.168.124.103: icmp_seq=1 ttl=64 time=0.240 ms --- 192.168.124.103 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.240/0.240/0.240/0.000 ms
vxlan-3:~$ ping -c 1 192.168.124.101
PING 192.168.124.101 (192.168.124.101) 56(84) bytes of data. 64 bytes from 192.168.124.101: icmp_seq=1 ttl=64 time=0.125 ms --- 192.168.124.101 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.125/0.125/0.125/0.000 ms
vxlan-3:~$ ping -c 1 192.168.124.102
PING 192.168.124.102 (192.168.124.102) 56(84) bytes of data. 64 bytes from 192.168.124.102: icmp_seq=1 ttl=64 time=0.224 ms --- 192.168.124.102 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.224/0.224/0.224/0.000 ms
vxlan-3:~$ ping -c 1 192.168.124.103
PING 192.168.124.103 (192.168.124.103) 56(84) bytes of data. 64 bytes from 192.168.124.103: icmp_seq=1 ttl=64 time=0.026 ms --- 192.168.124.103 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.026/0.026/0.026/0.000 ms
List ARP entries.
vxlan-1:~$ ip neigh show dev vxlan124
192.168.124.103 lladdr 22:15:fe:dc:9b:aa STALE 192.168.124.102 lladdr 72:ae:11:87:58:ed STALE
vxlan-2:~$ ip neigh show dev vxlan124
192.168.124.103 lladdr 22:15:fe:dc:9b:aa STALE 192.168.124.101 lladdr e6:2b:a3:4a:35:dd STALE
vxlan-3:~$ ip neigh show dev vxlan124
192.168.124.102 lladdr 72:ae:11:87:58:ed STALE 192.168.124.101 lladdr e6:2b:a3:4a:35:dd STALE
VXLAN over unicast
Add a vxlan link named vxlan21 on every server using VXLAN Network Identifier 21, ens18 physical device, 8472 default UDP destination port.
$ sudo ip link add vxlan21 type vxlan id 21 dev ens18 dstport 0
Assign IP address for created link.
vxlan-1:~$ sudo ip address add 192.168.21.101/24 dev vxlan21
vxlan-2:~$ sudo ip address add 192.168.21.102/24 dev vxlan21
vxlan-3:~$ sudo ip address add 192.168.21.103/24 dev vxlan21
Display link status.
vxlan-1:~$ ip --brief link show dev vxlan21
vxlan21 DOWN 6e:b8:01:78:5e:45 <BROADCAST,MULTICAST>
vxlan-2:~$ ip --brief link show dev vxlan21
vxlan21 DOWN 82:3e:3d:40:a5:a8 <BROADCAST,MULTICAST>
vxlan-3:~$ ip --brief link show dev vxlan21
vxlan21 DOWN 4e:ab:8c:f2:50:fa <BROADCAST,MULTICAST>
Create Forwarding Database entries on every host.
vxlan-1:~$ sudo bridge fdb append 00:00:00:00:00:00 dev vxlan21 dst 172.16.151.116
vxlan-1:~$ sudo bridge fdb append 00:00:00:00:00:00 dev vxlan21 dst 172.16.151.115
vxlan-2:~$ sudo bridge fdb append 00:00:00:00:00:00 dev vxlan21 dst 172.16.151.111
vxlan-2:~$ sudo bridge fdb append 00:00:00:00:00:00 dev vxlan21 dst 172.16.151.115
vxlan-3:~$ sudo bridge fdb append 00:00:00:00:00:00 dev vxlan21 dst 172.16.151.111
vxlan-3:~$ sudo bridge fdb append 00:00:00:00:00:00 dev vxlan21 dst 172.16.151.116
Inspect Forwarding Database entries on every host.
vxlan-1:~$ sudo bridge fdb show dev vxlan21
00:00:00:00:00:00 dst 172.16.151.116 self permanent 00:00:00:00:00:00 dst 172.16.151.115 self permanent
vxlan-2:~$ sudo bridge fdb show dev vxlan21
00:00:00:00:00:00 dst 172.16.151.111 self permanent 00:00:00:00:00:00 dst 172.16.151.115 self permanent
vxlan-3:~$ sudo bridge fdb show dev vxlan21
00:00:00:00:00:00 dst 172.16.151.111 self permanent 00:00:00:00:00:00 dst 172.16.151.116 self permanent
Bring interface up on every machine.
$ sudo ip link set vxlan21 up
Send ICMP echo requests to check communication.
vxlan-1:~$ ping -c 1 192.168.21.101
PING 192.168.21.101 (192.168.21.101) 56(84) bytes of data. 64 bytes from 192.168.21.101: icmp_seq=1 ttl=64 time=0.014 ms --- 192.168.21.101 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.014/0.014/0.014/0.000 ms
vxlan-1:~$ ping -c 1 192.168.21.102
PING 192.168.21.102 (192.168.21.102) 56(84) bytes of data. 64 bytes from 192.168.21.102: icmp_seq=1 ttl=64 time=0.172 ms --- 192.168.21.102 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.172/0.172/0.172/0.000 ms
vxlan-1:~$ ping -c 1 192.168.21.103
PING 192.168.21.103 (192.168.21.103) 56(84) bytes of data. 64 bytes from 192.168.21.103: icmp_seq=1 ttl=64 time=0.208 ms --- 192.168.21.103 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.208/0.208/0.208/0.000 ms
vxlan-2:~$ ping -c 1 192.168.21.101
PING 192.168.21.101 (192.168.21.101) 56(84) bytes of data. 64 bytes from 192.168.21.101: icmp_seq=1 ttl=64 time=0.144 ms --- 192.168.21.101 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.144/0.144/0.144/0.000 ms
vxlan-2:~$ ping -c 1 192.168.21.102
PING 192.168.21.102 (192.168.21.102) 56(84) bytes of data. 64 bytes from 192.168.21.102: icmp_seq=1 ttl=64 time=0.012 ms --- 192.168.21.102 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.012/0.012/0.012/0.000 ms
vxlan-2:~$ ping -c 1 192.168.21.103
PING 192.168.21.103 (192.168.21.103) 56(84) bytes of data. 64 bytes from 192.168.21.103: icmp_seq=1 ttl=64 time=0.142 ms --- 192.168.21.103 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.142/0.142/0.142/0.000 ms
vxlan-3:~$ ping -c 1 192.168.21.101
PING 192.168.21.101 (192.168.21.101) 56(84) bytes of data. 64 bytes from 192.168.21.101: icmp_seq=1 ttl=64 time=0.667 ms --- 192.168.21.101 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.667/0.667/0.667/0.000 ms
vxlan-3:~$ ping -c 1 192.168.21.102
PING 192.168.21.102 (192.168.21.102) 56(84) bytes of data. 64 bytes from 192.168.21.102: icmp_seq=1 ttl=64 time=0.101 ms --- 192.168.21.102 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.101/0.101/0.101/0.000 ms
vxlan-3:~$ ping -c 1 192.168.21.103
PING 192.168.21.103 (192.168.21.103) 56(84) bytes of data. 64 bytes from 192.168.21.103: icmp_seq=1 ttl=64 time=0.020 ms --- 192.168.21.103 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.020/0.020/0.020/0.000 ms
List ARP entries.
vxlan-1:~$ ip neigh show dev vxlan21
192.168.21.103 lladdr 4e:ab:8c:f2:50:fa STALE 192.168.21.102 lladdr 82:3e:3d:40:a5:a8 STALE
vxlan-2:~$ ip neigh show dev vxlan21
192.168.21.103 lladdr 4e:ab:8c:f2:50:fa STALE 192.168.21.101 lladdr 6e:b8:01:78:5e:45 STALE
vxlan-3:~$ ip neigh show dev vxlan21
192.168.21.102 lladdr 82:3e:3d:40:a5:a8 STALE 192.168.21.101 lladdr 6e:b8:01:78:5e:45 STALE